The siren song of exchanging safety for privacy has long been sung by government. Now, private companies have learned to sing it too. Don’t fall for it.
Earlier this month, the tech-focused publication Motherboard proved that cellphone location data was being sold to third-party companies —including bounty hunters. One of the companies that profited from the sale of sensitive and highly revealing location data was the data broker Zumigo. Now, new information shows that that company lobbied for even less protection of consumer data — ironically justifying less protections on arguments about security.
Other recent investigations on cellphone data have revealed the very real threats posed by inadequate privacy protections. The New York Times, for example, demonstrated that pings from a cellphone could, with a high degree of accuracy, track the daily movement of an individual — sometimes offering updates every minute or even every few seconds. That information could easily be traced to a single user based on where the phone was most nights. With the address in hand, public records reveal names and a treasure trove of information and, disturbingly, the ability to follow someone as they go about their days.
Aside from the truly creepy overtones of quiet eyes watching your moves from your own pocket, that lack of privacy for user data also has serious national security implications.
Cellphone location data, through a workout app that tracked users’ runs, for example, revealed military bases, including CIA black sites. Additional research demonstrated how location data could be used to uncover Taiwanese missile sites by tracing individuals who rotate through different bases — especially when combined with other easily available information.
Clearly, data privacy has profound national and individual security concerns.
But, when Zumigo made its pitch to the Federal Communications Commission, as documented in a publicly available slide deck, it argued just the opposite: to protect safety, users should be pushed to waive their privacy rights.
Those slides, reported this week by Motherboard, are ingeniously deceptive. Arguing:
In another slide they add:
Later, Zumigo tries to argue that privacy for safety is really what consumers want:
Although there are legitimate uses of willingly shared data and even large, aggregated data sets, consumers and the government shouldn’t be duped by these suggestions the sharing and sale of deeply revealing information linked to individuals does not itself represent a profound privacy concern.
So far, the FCC doesn’t seem to buy Zumigo’s arguments. Indeed, as FCC Chairman Ajit Pai explained to Motherboard, “The FCC has no interest in removing consent requirements around the sharing of personal data.”
Congress and consumers shouldn’t be swayed either. Companies that sell data to bounty hunters aren’t interested in security even if that’s what they told the government.
